nessus scan

neocontrol · 02-25-2007, 08:34 AM

Hi all,

I did a nessus scan on some of my servers today, and I got back this.

Code:

The remote host is using a version of OpenSSL which is
older than 0.9.6m or 0.9.7d

There are several bug in this version of OpenSSL which may allow
an attacker to cause a denial of service against the remote host.

*** Nessus solely relied on the banner of the remote host
*** to issue this warning

Solution : Upgrade to version 0.9.6m (0.9.7d) or newer
Risk factor : High
CVE : CVE-2004-0079, CVE-2004-0081, CVE-2004-0112
BID : 9899
Other references : IAVA:2004-B-0006

I went and did a upgrade to versioin 0.9.8. Now when I run "openssl version", I get this:

OpenSSL 0.9.8e 23 Feb 2007

So after upgrading, I re-ran the nessus scan. And I got back the same result. I imagine this is an apache config problem?

I'm running apache 2.2.4 w/ php5.2.1. openssl is version 0.9.8.

Can anyone give me some direction?

Mara · 02-25-2007, 03:25 PM

Check the service it reports a problem with. The thing is that quite many programs link with OpenSSL directly and do not use the version you have installed in your system. You'd need to update the service if that's the case.